<?php
/**
 * Created by Maxotm.
 * Email: 15979076441@163.com
 * Date: 2019/9/26
 */

namespace App\Http\Middleware;


use Closure;

class CORS
{
    public function handle($request, Closure $next) {
        /*$response = $next($request);
        $response->header('Access-Control-Allow-Origin', '*');
        $response->header('Access-Control-Allow-Headers', 'Origin, Content-Type, Cookie, Accept');
        $response->header('Access-Control-Allow-Methods', 'GET, POST, PATCH, PUT, OPTIONS');
        $response->header('Access-Control-Allow-Credentials', 'false');
        return $response;*/
        $response = $next($request);

        if ($response instanceof  Response) {
            return $next($request)->header('Access-Control-Allow-Origin', '*')
                ->header('Access-Control-Allow-Methods', 'GET,POST,PUT,OPTIONS,PATCH,DELETE,HEAD')
                ->header('Access-Control-Allow-Headers', 'x-csrf-token,x-requested-with,content-type');
        }

        //  如果是实列 \Symfony\Component\HttpFoundation\Response::class
        $response->headers->set('Access-Control-Allow-Origin', '*');
        $response->headers->set('Access-Control-Allow-Methods', 'GET,POST,PUT,OPTIONS,PATCH,DELETE,HEAD');
        $response->headers->set('Access-Control-Allow-Headers', 'x-csrf-token,x-requested-with,content-type');
        return $response;
    }
}